Instantly share code, notes, and snippets.

What would you like to do?
OpsWorks Docker image-based deployment


Things to make Docker go on Ops Works. We need help.</pakled>

Described in this blog post of mine and based on this AWS blog entry


  1. Set up a new stack in OpsWorks. Under Advanced set the following:
    • Chef version: 11.10
    • Use custom Chef cookbooks: https git url to a repo containing the other files in the gist inside owdocker/recipes/
    • Manage Berkshelf: Yes
    • Berkshelf version: 3.1.3
  2. Add a layer
    • Type: Other
    • Recipes
      • Setup: owdocker::install
      • Deploy: owdocker::docker-image-deploy
  3. Add an App
    • Type: Other
    • Repository type: Other
    • Environment variables:
      • registry_image: The path portion of a docker pull command ala: docker pull $registry_image
      • registry_tag: The tag of the image that should be pulled from the registry ala$registry_tag
      • layer: The shortname of the layer the image should be deployed to
      • service_port: The port on the HOST that will be connected to the container
      • container_port: The port on the CONTAINER that will be connected to the service port
      • registry_username: OPTIONAL username to login to the registry
      • registry_password: OPTIONAL password to login to the registry
      • registry_url: OPTIONAL url to a non registry ala
source ""
cookbook "apt", '~>2.6.0'
cookbook 'docker', '~> 0.36.0'
cookbook 'windows', '~> 1.34.0'
include_recipe 'deploy'
include_recipe 'docker'"Entering docker-image-deploy")
node[:deploy].each do |application, deploy|
if node[:opsworks][:instance][:layers].first != deploy[:environment_variables][:layer]
Chef::Log.warn("Skipping deploy::docker application #{application} as it is not deployed to this layer")
opsworks_deploy_dir do
user deploy[:user]
group deploy[:group]
path deploy[:deploy_to]
opsworks_deploy do
deploy_data deploy
app application
end'Docker cleanup')
bash "docker-cleanup" do
user "root"
returns [0, 1]
code <<-EOH
if docker ps | grep #{deploy[:application]};
docker stop #{deploy[:application]}
sleep 3
docker rm -f #{deploy[:application]}
if docker ps -a | grep #{deploy[:application]};
docker rm -f #{deploy[:application]}
if docker images | grep #{deploy[:environment_variables][:registry_image]};
docker rmi -f $(docker images | grep -m 1 #{deploy[:environment_variables][:registry_image]} | awk {'print $3'})
if deploy[:environment_variables][:registry_username]"REGISTRY: Login as #{deploy[:environment_variables][:registry_username]} to #{deploy[:environment_variables][:registry_url]}")
docker_registry "#{deploy[:environment_variables][:registry_url]}" do
username deploy[:environment_variables][:registry_username]
password deploy[:environment_variables][:registry_password]
email deploy[:environment_variables][:registry_username]
# Pull tagged image"IMAGE: Pulling #{deploy[:environment_variables][:registry_image]}:#{deploy[:environment_variables][:registry_tag]}")
docker_image "#{deploy[:environment_variables][:registry_image]}" do
tag deploy[:environment_variables][:registry_tag]
dockerenvs = " "
deploy[:environment_variables].each do |key, value|
dockerenvs=dockerenvs+" -e "+key+"="+value unless key == "registry_password"
end"ENVs: #{dockerenvs}")'docker-run start')
bash "docker-run" do
user "root"
code <<-EOH
docker run #{dockerenvs} -p #{node[:opsworks][:instance][:private_ip]}:#{deploy[:environment_variables][:service_port]}:#{deploy[:environment_variables][:container_port]} --name #{deploy[:application]} -d #{deploy[:environment_variables][:registry_image]}:#{deploy[:environment_variables][:registry_tag]}
end'docker-run stop')
end"Exiting docker-image-deploy")
include_recipe 'apt'
package 'apt-transport-https'
apt_repository "docker" do
uri ""
distribution "docker"
components ["main"]
keyserver "hkp://"
key "36A1D7869245C8950F966E92D8576A8BA88D21E9"
execute "apt-get update" do
user "root"
# Install Docker latest version
package "docker" do
package_name "lxc-docker"
action :install
service "docker" do
action :start

This comment has been minimized.

joshuamcdo commented Mar 27, 2015

Thanks for the update Chris..

I have been reading about these 'Berksfile'(s) for house now trying everything under the sun.. I think I am more or less starting to grasp what it is they do. While I haven't tried your Berksfile yet, I will. I am pretty sure it's going to complain about metadata not existing as that's where I was before your post. Albeit my Berksfile was wrong.
The other question is that since I am not using Ubuntu I assume I should remove the apt piece because apt is not used in CentOS. I do have to admit that I am a little confused why it's needed as apt is already installed in the default installation of Ubuntu and I didn't see anything in the docker recipe that makes it 'Ubuntu' centric. It's entirely possible I missed that tho. The original owdocker_install.rb was Ubuntu centric but I changed that.

Thanks for your time.



This comment has been minimized.

joshuamcdo commented Mar 27, 2015


I get what the apt cookbook is doing now. ( Updating apt to the latest before it runs any apt-get commands)
I changed that to the yum-epel cookbook and will see what works from there.
It does in fact break down because of the metadata.rb file.

Thanks so much for your help!,


Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment